EPSS
Percentile
28.0%
pip suffers from improper input validation. The library does not properly handle unicode separators in git references. An attacker can use this flaw to install a different revision on a repository.
bugzilla.redhat.com/show_bug.cgi?id=1962856
github.com/pypa/pip/commit/ca832b2836e0bffa7cf95589acdcd71230f5834e
github.com/pypa/pip/pull/9827
www.oracle.com/security-alerts/cpuapr2022.html
www.oracle.com/security-alerts/cpujul2022.html